Chainlit

2 CVEs tracked for this product

CVE-2026-22219 | Severity: HIGH | Public PoC: yes | Patch: marked available | Added: this week

Chainlit versions before 2.9.4, when run with the SQLAlchemy backend, contain a server-side request forgery (SSRF) flaw in the project element update endpoint: an authenticated user can make the server issue arbitrary HTTP requests. Public exploit code exists. Because the request originates from the server, an attacker can reach internal network services and cloud instance metadata endpoints, and the response is written through the configured storage system, so it can be read back afterwards rather than only inferred. The flaw affects AI/ML applications built on vulnerable Chainlit deployments. Note that the listing's patch status is inconsistent: the card is badged as patched and the affected range ends at 2.9.4, while the description text states that no patch is available; confirm the fix status against the NVD and GitHub advisory entries before relying on either.

Tags: SSRF, AI / ML, Chainlit. References: NVD, GitHub. CVSS 3.1: 7.7. EPSS: 0.0%.
CVE-2026-22218 | Severity: MEDIUM | Public PoC: yes | Patch: not marked | Added: this month

Chainlit versions before 2.9.4 allow an authenticated user to read arbitrary files that the Chainlit service account can access, via a path traversal flaw in the element update endpoint. The attacker submits an Element whose path field points outside the intended storage location, then retrieves the file's contents through the /project/file API, disclosing whatever the service can read (configuration, credentials, application data). Public exploit code exists. The affected range ends at 2.9.4, but the listing does not mark a patch as available; check the NVD and GitHub advisory entries for the current fix status.

Tags: Path Traversal, AI / ML, Chainlit. References: NVD, GitHub. CVSS 3.1: 6.5. EPSS: 0.0%.
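Both entries above describe the same endpoint (element update) being abused in two ways: a path that escapes the storage directory (CVE-2026-22218) and a URL that the server fetches on the attacker's behalf (CVE-2026-22219). The following is an added example, not Chainlit project code or anything from the advisories, showing three checks an operator can run or put in front of a deployment while the upgrade to 2.9.4 is pending: a version gate against the advisory's affected range, an outbound-URL guard that refuses loopback, private, link-local and IPv4-mapped targets, and a path containment check. The base directory `/srv/chainlit/files`, the sample URLs, and the function names are constructed for the example.

```python
"""Pre-upgrade mitigation checks for the Chainlit element-update issues
(CVE-2026-22218 path traversal, CVE-2026-22219 SSRF).

Added example, not Chainlit's own code. Paths, URLs and names are assumptions
made for illustration.
"""
import ipaddress
import posixpath
import re
from urllib.parse import urlparse

# First release outside the advisories' affected range ("before 2.9.4").
# Padded to four fields so pre-releases (2.9.4rc1 -> (2, 9, 4, -1)) sort below it.
FIXED_VERSION = (2, 9, 4, 0)

# Hostnames that commonly front loopback or cloud metadata services.
BLOCKED_HOSTNAMES = {"localhost", "metadata", "metadata.google.internal"}


def parse_version(version):
    """'2.9.3' -> (2, 9, 3, 0); '2.9.4rc1' -> (2, 9, 4, -1)."""
    parts, prerelease = [], False
    for piece in version.split("."):
        m = re.match(r"(\d+)(.*)", piece)
        if not m:
            break
        parts.append(int(m.group(1)))
        if m.group(2):  # a trailing tag such as 'rc1' marks a pre-release
            prerelease = True
            break
    parts = (parts + [0, 0, 0])[:3]
    return tuple(parts) + ((-1,) if prerelease else (0,))


def is_affected_version(installed):
    """True when the installed Chainlit falls inside the affected range."""
    return parse_version(installed) < FIXED_VERSION


def check_outbound_url(url):
    """Classify a URL the server is about to fetch on a user's behalf.

    Returns 'allow', 'deny:<reason>', or 'resolve'. 'resolve' means the host
    is a name, not a literal IP: the caller must resolve it and re-check every
    returned address, and connect to the checked address rather than the name,
    or DNS rebinding bypasses the guard.
    """
    u = urlparse(url)
    if u.scheme not in ("http", "https"):
        return "deny:scheme"
    host = u.hostname
    if not host:
        return "deny:no-host"
    if host.lower() in BLOCKED_HOSTNAMES:
        return "deny:hostname"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "resolve"
    # ::ffff:169.254.169.254 is the metadata address wearing an IPv6 coat.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified):
        return "deny:non-public-ip"
    return "allow"


def resolve_within(base_dir, requested):
    """Return the normalized path if it stays inside base_dir, else None.

    posixpath is used so the example behaves the same on every platform; in a
    real deployment use os.path.realpath on both sides so a symlink inside
    base_dir cannot point the resolved path outside it.
    """
    base = posixpath.normpath(base_dir)
    # join() discards base when `requested` is absolute, which is exactly the
    # case the containment check below must catch.
    candidate = posixpath.normpath(posixpath.join(base, requested))
    if posixpath.commonpath([base, candidate]) != base:
        return None
    return candidate


if __name__ == "__main__":
    # Constructed inputs, not captured traffic.
    print("2.9.3 affected:", is_affected_version("2.9.3"))
    print("metadata URL:", check_outbound_url("http://169.254.169.254/latest/meta-data/"))
    print("traversal:", resolve_within("/srv/chainlit/files", "../../etc/passwd"))
    print("normal file:", resolve_within("/srv/chainlit/files", "reports/q1.txt"))
```

The URL guard deliberately returns `resolve` for hostnames instead of guessing: a guard that only inspects the literal string is defeated by a name that resolves to 169.254.169.254, so resolution and the connection itself have to be tied together in the real fetch path. The version gate reads the affected range literally ("before 2.9.4"); it says nothing about whether 2.9.4 is actually published, which is the inconsistency noted in the entries above.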